Tuesday, October 4, 2022
HomeCyber Security125 clients affected by information breach, no passwords stolen

125 clients affected by information breach, no passwords stolen


Cloud communications big Twilio, the proprietor of the extremely common two-factor authentication (2FA) supplier Authy, says that it has thus far recognized 125 clients who had their information accessed throughout a safety breach found final week.

The corporate added the attackers behind this incident weren’t capable of acquire entry to the affected purchasers’ authentication data.

“We’ve recognized roughly 125 Twilio clients whose information was accessed by malicious actors for a restricted time frame, and we now have notified all of them,” Twilio revealed in an replace to the unique disclosure.

“There isn’t any proof that buyer passwords, authentication tokens, or API keys have been accessed with out authorization.”

The attackers gained entry to Twilio’s community utilizing credentials belonging to a number of staff, stolen in an SMS phishing assault.

After discovering the intrusion, Twilio revoked the compromised worker credentials to dam the attackers’ entry to its programs and began notifying affected clients.

The corporate additionally requested a number of U.S. cellular carriers to close down the accounts used to ship the phishing messages, however the menace actors switched to new accounts and resumed their assaults.

SMS phishing message sent to Twilio employees
SMS phishing message despatched to Twilio staff (Twilio)

Coordinated SMS phishing marketing campaign

Twilio mentioned that it coordinated its account takedown requests with different tech firms which have additionally been focused in comparable assaults.

Cloudflare, whose staff additionally had their credentials stolen in an identical SMS phishing assault, mentioned the attackers didn’t breach its programs after their login makes an attempt have been blocked as a result of its staff are utilizing company-issued FIDO2-compliant {hardware} safety keys.

“Whereas the attacker tried to log in to our programs with the compromised username and password credentials, they might not get previous the arduous key requirement,” Cloudflare defined.

Twilio additionally disclosed in Could 2021 that it was affected by final 12 months’s Codecov supply-chain assault the place menace actors trojanized the reputable Codecov Bash Uploader instrument to steal credentials and secret keys from Codecov clients.

It supplies programmable voice, textual content, chat, video, and e-mail APIs utilized by over 10 million builders at 150,000 firms (together with Coca-Cola, Salesforce, Dell, Twitter, VMware, Uber, Stripe, and eBay) to construct buyer engagement platforms.

In February 2015, Twilio additionally acquired Authy, a well-liked two-factor authentication (2FA) supplier for finish customers and enterprises with thousands and thousands of customers worldwide.

RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular

Recent Comments